1 use libc::*;
2 use std::ptr;
3
4 use *;
5
6 #[cfg(not(any(libressl, ossl110)))]
7 pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256;
8
9 #[cfg(not(ossl110))]
10 pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32;
11 #[cfg(not(ossl110))]
12 pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32;
13
14 #[cfg(not(any(libressl, ossl110)))]
15 pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8;
16 #[cfg(not(ossl110))]
17 pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48;
18
19 pub const SSL_SENT_SHUTDOWN: c_int = 1;
20 pub const SSL_RECEIVED_SHUTDOWN: c_int = 2;
21
22 pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM;
23 pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1;
24
25 pub enum SSL_METHOD {}
26 pub enum SSL_CIPHER {}
27 cfg_if! {
28 if #[cfg(any(ossl110, libressl280))] {
29 pub enum SSL_SESSION {}
30 } else if #[cfg(libressl251)] {
31 #[repr(C)]
32 pub struct SSL_SESSION {
33 ssl_version: c_int,
34 pub master_key_length: c_int,
35 pub master_key: [c_uchar; 48],
36 session_id_length: c_uint,
37 session_id: [c_uchar; ::SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
38 sid_ctx_length: c_uint,
39 sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
40 peer: *mut ::X509,
41 verify_result: c_long,
42 timeout: c_long,
43 time: time_t,
44 pub references: c_int,
45 cipher: *const ::SSL_CIPHER,
46 cipher_id: c_long,
47 ciphers: *mut stack_st_SSL_CIPHER,
48 tlsext_hostname: *mut c_char,
49 tlsext_tick: *mut c_uchar,
50 tlsext_ticklen: size_t,
51 tlsext_tick_lifetime_int: c_long,
52 internal: *mut c_void,
53 }
54 } else if #[cfg(libressl)] {
55 #[repr(C)]
56 pub struct SSL_SESSION {
57 ssl_version: c_int,
58 pub master_key_length: c_int,
59 pub master_key: [c_uchar; 48],
60 session_id_length: c_uint,
61 session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
62 sid_ctx_length: c_uint,
63 sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
64 not_resumable: c_int,
65 sess_cert: *mut c_void,
66 peer: *mut X509,
67 verify_result: c_long,
68 timeout: c_long,
69 time: time_t,
70 pub references: c_int,
71 cipher: *const c_void,
72 cipher_id: c_ulong,
73 ciphers: *mut c_void,
74 ex_data: ::CRYPTO_EX_DATA,
75 prev: *mut c_void,
76 next: *mut c_void,
77 tlsext_hostname: *mut c_char,
78 tlsext_ecpointformatlist_length: size_t,
79 tlsext_ecpointformatlist: *mut u8,
80 tlsext_ellipticcurvelist_length: size_t,
81 tlsext_ellipticcurvelist: *mut u16,
82 tlsext_tick: *mut c_uchar,
83 tlsext_ticklen: size_t,
84 tlsext_tick_lifetime_hint: c_long,
85 }
86 } else {
87 #[repr(C)]
88 pub struct SSL_SESSION {
89 ssl_version: c_int,
90 key_arg_length: c_uint,
91 key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize],
92 pub master_key_length: c_int,
93 pub master_key: [c_uchar; 48],
94 session_id_length: c_uint,
95 session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
96 sid_ctx_length: c_uint,
97 sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
98 #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
99 krb5_client_princ_len: c_uint,
100 #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
101 krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize],
102 #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
103 psk_identity_hint: *mut c_char,
104 #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
105 psk_identity: *mut c_char,
106 not_resumable: c_int,
107 sess_cert: *mut c_void,
108 peer: *mut X509,
109 verify_result: c_long,
110 pub references: c_int,
111 timeout: c_long,
112 time: c_long,
113 compress_meth: c_uint,
114 cipher: *const c_void,
115 cipher_id: c_ulong,
116 ciphers: *mut c_void,
117 ex_data: ::CRYPTO_EX_DATA,
118 prev: *mut c_void,
119 next: *mut c_void,
120 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
121 tlsext_hostname: *mut c_char,
122 #[cfg(all(
123 not(osslconf = "OPENSSL_NO_TLSEXT"),
124 not(osslconf = "OPENSSL_NO_EC")
125 ))]
126 tlsext_ecpointformatlist_length: size_t,
127 #[cfg(all(
128 not(osslconf = "OPENSSL_NO_TLSEXT"),
129 not(osslconf = "OPENSSL_NO_EC")
130 ))]
131 tlsext_ecpointformatlist: *mut c_uchar,
132 #[cfg(all(
133 not(osslconf = "OPENSSL_NO_TLSEXT"),
134 not(osslconf = "OPENSSL_NO_EC")
135 ))]
136 tlsext_ellipticcurvelist_length: size_t,
137 #[cfg(all(
138 not(osslconf = "OPENSSL_NO_TLSEXT"),
139 not(osslconf = "OPENSSL_NO_EC")
140 ))]
141 tlsext_ellipticcurvelist: *mut c_uchar,
142 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
143 tlsext_tick: *mut c_uchar,
144 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
145 tlsext_ticklen: size_t,
146 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
147 tlsext_tick_lifetime_hint: c_long,
148 #[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
149 srp_username: *mut c_char,
150 }
151 }
152 }
153
154 stack!(stack_st_SSL_CIPHER);
155
156 #[repr(C)]
157 pub struct SRTP_PROTECTION_PROFILE {
158 pub name: *const c_char,
159 pub id: c_ulong,
160 }
161
162 stack!(stack_st_SRTP_PROTECTION_PROFILE);
163
164 pub type tls_session_ticket_ext_cb_fn =
165 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
166 pub type tls_session_secret_cb_fn = Option<
167 unsafe extern "C" fn(
168 *mut SSL,
169 *mut c_void,
170 *mut c_int,
171 *mut stack_st_SSL_CIPHER,
172 *mut *mut SSL_CIPHER,
173 *mut c_void,
174 ) -> c_int,
175 >;
176
177 #[cfg(ossl111)]
178 pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001;
179 /* This extension is only allowed in DTLS */
180 #[cfg(ossl111)]
181 pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002;
182 /* Some extensions may be allowed in DTLS but we don't implement them for it */
183 #[cfg(ossl111)]
184 pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004;
185 /* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
186 #[cfg(ossl111)]
187 pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008;
188 /* Extension is only defined for TLS1.2 and below */
189 #[cfg(ossl111)]
190 pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010;
191 /* Extension is only defined for TLS1.3 and above */
192 #[cfg(ossl111)]
193 pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020;
194 /* Ignore this extension during parsing if we are resuming */
195 #[cfg(ossl111)]
196 pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040;
197 #[cfg(ossl111)]
198 pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080;
199 /* Really means TLS1.2 or below */
200 #[cfg(ossl111)]
201 pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100;
202 #[cfg(ossl111)]
203 pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200;
204 #[cfg(ossl111)]
205 pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400;
206 #[cfg(ossl111)]
207 pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800;
208 #[cfg(ossl111)]
209 pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000;
210 #[cfg(ossl111)]
211 pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000;
212 #[cfg(ossl111)]
213 pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000;
214
215 #[cfg(ossl111)]
216 pub type SSL_custom_ext_add_cb_ex = Option<
217 unsafe extern "C" fn(
218 ssl: *mut ::SSL,
219 ext_type: c_uint,
220 context: c_uint,
221 out: *mut *const c_uchar,
222 outlen: *mut size_t,
223 x: *mut ::X509,
224 chainidx: size_t,
225 al: *mut c_int,
226 add_arg: *mut c_void,
227 ) -> c_int,
228 >;
229
230 #[cfg(ossl111)]
231 pub type SSL_custom_ext_free_cb_ex = Option<
232 unsafe extern "C" fn(
233 ssl: *mut ::SSL,
234 ext_type: c_uint,
235 context: c_uint,
236 out: *mut *const c_uchar,
237 add_arg: *mut c_void,
238 ),
239 >;
240
241 #[cfg(ossl111)]
242 pub type SSL_custom_ext_parse_cb_ex = Option<
243 unsafe extern "C" fn(
244 ssl: *mut ::SSL,
245 ext_type: c_uint,
246 context: c_uint,
247 input: *const c_uchar,
248 inlen: size_t,
249 x: *mut ::X509,
250 chainidx: size_t,
251 al: *mut c_int,
252 parse_arg: *mut c_void,
253 ) -> c_int,
254 >;
255
256 pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004;
257 cfg_if! {
258 if #[cfg(libressl261)] {
259 pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0;
260 } else if #[cfg(any(ossl102, libressl))] {
261 pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x10;
262 }
263 }
264 #[cfg(ossl101)]
265 pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: c_ulong = 0x00000040;
266
267 pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800;
268
269 pub const SSL_OP_NO_QUERY_MTU: c_ulong = 0x00001000;
270 pub const SSL_OP_COOKIE_EXCHANGE: c_ulong = 0x00002000;
271 pub const SSL_OP_NO_TICKET: c_ulong = 0x00004000;
272 cfg_if! {
273 if #[cfg(ossl101)] {
274 pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x00008000;
275 } else {
276 pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0;
277 }
278 }
279
280 pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: c_ulong = 0x00010000;
281 cfg_if! {
282 if #[cfg(ossl101)] {
283 pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x00020000;
284 pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x00040000;
285 } else {
286 pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0;
287 pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x0;
288 }
289 }
290
291 #[cfg(ossl111)]
292 pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000;
293
294 pub const SSL_OP_CIPHER_SERVER_PREFERENCE: c_ulong = 0x00400000;
295 cfg_if! {
296 if #[cfg(libressl280)] {
297 pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0;
298 } else {
299 pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0x00800000;
300 }
301 }
302
303 cfg_if! {
304 if #[cfg(ossl101)] {
305 pub const SSL_OP_NO_SSLv3: c_ulong = 0x02000000;
306 } else {
307 pub const SSL_OP_NO_SSLv3: c_ulong = 0x0;
308 }
309 }
310 pub const SSL_OP_NO_TLSv1_1: c_ulong = 0x10000000;
311 pub const SSL_OP_NO_TLSv1_2: c_ulong = 0x08000000;
312
313 pub const SSL_OP_NO_TLSv1: c_ulong = 0x04000000;
314 #[cfg(ossl102)]
315 pub const SSL_OP_NO_DTLSv1: c_ulong = 0x04000000;
316 #[cfg(ossl102)]
317 pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000;
318 #[cfg(ossl111)]
319 pub const SSL_OP_NO_TLSv1_3: c_ulong = 0x20000000;
320
321 cfg_if! {
322 if #[cfg(ossl111)] {
323 pub const SSL_OP_NO_SSL_MASK: c_ulong = SSL_OP_NO_SSLv2
324 | SSL_OP_NO_SSLv3
325 | SSL_OP_NO_TLSv1
326 | SSL_OP_NO_TLSv1_1
327 | SSL_OP_NO_TLSv1_2
328 | SSL_OP_NO_TLSv1_3;
329 } else if #[cfg(ossl102)] {
330 pub const SSL_OP_NO_SSL_MASK: c_ulong =
331 SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
332 }
333 }
334
335 cfg_if! {
336 if #[cfg(libressl261)] {
337 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0;
338 } else {
339 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000;
340 }
341 }
342
343 cfg_if! {
344 if #[cfg(ossl110f)] {
345 pub const SSL_OP_ALL: c_ulong = SSL_OP_CRYPTOPRO_TLSEXT_BUG
346 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
347 | SSL_OP_LEGACY_SERVER_CONNECT
348 | SSL_OP_TLSEXT_PADDING
349 | SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
350 } else if #[cfg(libressl261)] {
351 pub const SSL_OP_ALL: c_ulong = 0x4;
352 } else if #[cfg(libressl)] {
353 pub const SSL_OP_ALL: c_ulong = 0x80000014;
354 } else {
355 pub const SSL_OP_ALL: c_ulong = 0x80000BFF;
356 }
357 }
358
359 cfg_if! {
360 if #[cfg(ossl110)] {
361 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000;
362 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000;
363 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x00000000;
364 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x00000000;
365 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x00000000;
366 pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x00000000;
367 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x00000000;
368 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00000000;
369 pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00000000;
370 pub const SSL_OP_NO_SSLv2: c_ulong = 0x00000000;
371 } else if #[cfg(ossl101)] {
372 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000001;
373 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000002;
374 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x00000008;
375 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x00000020;
376 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x00000080;
377 pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x00000100;
378 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x00000200;
379 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000;
380 pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000;
381 pub const SSL_OP_NO_SSLv2: c_ulong = 0x01000000;
382 } else {
383 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x0;
384 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x0;
385 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x0;
386 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0;
387 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0;
388 pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0;
389 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0;
390 #[cfg(libressl261)]
391 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0;
392 #[cfg(not(libressl261))]
393 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000;
394 pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000;
395 pub const SSL_OP_NO_SSLv2: c_ulong = 0x0;
396 }
397 }
398
399 pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1;
400 pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2;
401 pub const SSL_MODE_AUTO_RETRY: c_long = 0x4;
402 pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8;
403 pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10;
404 #[cfg(ossl101)]
405 pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20;
406 #[cfg(ossl101)]
407 pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40;
408 #[cfg(ossl101)]
409 pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80;
410
SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long411 pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long {
412 SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut())
413 }
414
415 #[cfg(ossl111)]
416 pub const SSL_COOKIE_LENGTH: c_int = 4096;
417
418 cfg_if! {
419 if #[cfg(ossl110)] {
420 extern "C" {
421 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
422 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
423 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
424 }
425 } else {
426 pub unsafe fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong {
427 SSL_CTX_ctrl(ctx as *mut _, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) as c_ulong
428 }
429
430 pub unsafe fn SSL_CTX_set_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong {
431 SSL_CTX_ctrl(
432 ctx as *mut _,
433 SSL_CTRL_OPTIONS,
434 op as c_long,
435 ptr::null_mut(),
436 ) as c_ulong
437 }
438
439 pub unsafe fn SSL_CTX_clear_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong {
440 SSL_CTX_ctrl(
441 ctx as *mut _,
442 SSL_CTRL_CLEAR_OPTIONS,
443 op as c_long,
444 ptr::null_mut(),
445 ) as c_ulong
446 }
447 }
448 }
449
450 pub type GEN_SESSION_CB =
451 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
452
453 pub const SSL_SESS_CACHE_OFF: c_long = 0x0;
454 pub const SSL_SESS_CACHE_CLIENT: c_long = 0x1;
455 pub const SSL_SESS_CACHE_SERVER: c_long = 0x2;
456 pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER;
457 pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80;
458 pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100;
459 pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200;
460 pub const SSL_SESS_CACHE_NO_INTERNAL: c_long =
461 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE;
462
463 extern "C" {
SSL_CTX_sess_set_new_cb( ctx: *mut SSL_CTX, new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>, )464 pub fn SSL_CTX_sess_set_new_cb(
465 ctx: *mut SSL_CTX,
466 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
467 );
SSL_CTX_sess_set_remove_cb( ctx: *mut SSL_CTX, remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>, )468 pub fn SSL_CTX_sess_set_remove_cb(
469 ctx: *mut SSL_CTX,
470 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
471 );
472 }
473 cfg_if! {
474 if #[cfg(any(ossl110, libressl280))] {
475 extern "C" {
476 pub fn SSL_CTX_sess_set_get_cb(
477 ctx: *mut ::SSL_CTX,
478 get_session_cb: Option<
479 unsafe extern "C" fn(*mut ::SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
480 >,
481 );
482 }
483 } else {
484 extern "C" {
485 pub fn SSL_CTX_sess_set_get_cb(
486 ctx: *mut ::SSL_CTX,
487 get_session_cb: Option<
488 unsafe extern "C" fn(*mut ::SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
489 >,
490 );
491 }
492 }
493 }
494 extern "C" {
495 // FIXME change to unsafe extern "C" fn
SSL_CTX_set_cookie_generate_cb( s: *mut SSL_CTX, cb: Option< extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, >, )496 pub fn SSL_CTX_set_cookie_generate_cb(
497 s: *mut SSL_CTX,
498 cb: Option<
499 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
500 >,
501 );
502 }
503
504 cfg_if! {
505 if #[cfg(any(ossl110, libressl280))] {
506 extern "C" {
507 pub fn SSL_CTX_set_cookie_verify_cb(
508 s: *mut SSL_CTX,
509 cb: Option<
510 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
511 >,
512 );
513 }
514 } else {
515 extern "C" {
516 pub fn SSL_CTX_set_cookie_verify_cb(
517 s: *mut SSL_CTX,
518 cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>,
519 );
520 }
521 }
522 }
523
524 extern "C" {
525 #[cfg(ossl111)]
SSL_CTX_set_stateless_cookie_generate_cb( s: *mut SSL_CTX, cb: Option< unsafe extern "C" fn( ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut size_t, ) -> c_int, >, )526 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
527 s: *mut SSL_CTX,
528 cb: Option<
529 unsafe extern "C" fn(
530 ssl: *mut SSL,
531 cookie: *mut c_uchar,
532 cookie_len: *mut size_t,
533 ) -> c_int,
534 >,
535 );
536 #[cfg(ossl111)]
SSL_CTX_set_stateless_cookie_verify_cb( s: *mut SSL_CTX, cb: Option< unsafe extern "C" fn( ssl: *mut SSL, cookie: *const c_uchar, cookie_len: size_t, ) -> c_int, >, )537 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
538 s: *mut SSL_CTX,
539 cb: Option<
540 unsafe extern "C" fn(
541 ssl: *mut SSL,
542 cookie: *const c_uchar,
543 cookie_len: size_t,
544 ) -> c_int,
545 >,
546 );
547
SSL_CTX_set_next_protos_advertised_cb( ssl: *mut SSL_CTX, cb: extern "C" fn( ssl: *mut SSL, out: *mut *const c_uchar, outlen: *mut c_uint, arg: *mut c_void, ) -> c_int, arg: *mut c_void, )548 pub fn SSL_CTX_set_next_protos_advertised_cb(
549 ssl: *mut SSL_CTX,
550 cb: extern "C" fn(
551 ssl: *mut SSL,
552 out: *mut *const c_uchar,
553 outlen: *mut c_uint,
554 arg: *mut c_void,
555 ) -> c_int,
556 arg: *mut c_void,
557 );
SSL_CTX_set_next_proto_select_cb( ssl: *mut SSL_CTX, cb: extern "C" fn( ssl: *mut SSL, out: *mut *mut c_uchar, outlen: *mut c_uchar, inbuf: *const c_uchar, inlen: c_uint, arg: *mut c_void, ) -> c_int, arg: *mut c_void, )558 pub fn SSL_CTX_set_next_proto_select_cb(
559 ssl: *mut SSL_CTX,
560 cb: extern "C" fn(
561 ssl: *mut SSL,
562 out: *mut *mut c_uchar,
563 outlen: *mut c_uchar,
564 inbuf: *const c_uchar,
565 inlen: c_uint,
566 arg: *mut c_void,
567 ) -> c_int,
568 arg: *mut c_void,
569 );
SSL_get0_next_proto_negotiated( s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint, )570 pub fn SSL_get0_next_proto_negotiated(
571 s: *const SSL,
572 data: *mut *const c_uchar,
573 len: *mut c_uint,
574 );
575
SSL_select_next_proto( out: *mut *mut c_uchar, outlen: *mut c_uchar, inbuf: *const c_uchar, inlen: c_uint, client: *const c_uchar, client_len: c_uint, ) -> c_int576 pub fn SSL_select_next_proto(
577 out: *mut *mut c_uchar,
578 outlen: *mut c_uchar,
579 inbuf: *const c_uchar,
580 inlen: c_uint,
581 client: *const c_uchar,
582 client_len: c_uint,
583 ) -> c_int;
584 }
585
586 pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0;
587 pub const OPENSSL_NPN_NEGOTIATED: c_int = 1;
588 pub const OPENSSL_NPN_NO_OVERLAP: c_int = 2;
589
590 extern "C" {
591 #[cfg(any(ossl102, libressl261))]
SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int592 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
593 #[cfg(any(ossl102, libressl261))]
SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int594 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
595 // FIXME should take an Option<unsafe extern "C" fn>
596 #[cfg(any(ossl102, libressl261))]
SSL_CTX_set_alpn_select_cb( ssl: *mut SSL_CTX, cb: extern "C" fn( ssl: *mut SSL, out: *mut *const c_uchar, outlen: *mut c_uchar, inbuf: *const c_uchar, inlen: c_uint, arg: *mut c_void, ) -> c_int, arg: *mut c_void, )597 pub fn SSL_CTX_set_alpn_select_cb(
598 ssl: *mut SSL_CTX,
599 cb: extern "C" fn(
600 ssl: *mut SSL,
601 out: *mut *const c_uchar,
602 outlen: *mut c_uchar,
603 inbuf: *const c_uchar,
604 inlen: c_uint,
605 arg: *mut c_void,
606 ) -> c_int,
607 arg: *mut c_void,
608 );
609 #[cfg(any(ossl102, libressl261))]
SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint)610 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
611 }
612
613 #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
614 extern "C" {
SSL_CTX_set_psk_client_callback( ssl: *mut SSL_CTX, psk_client_cb: Option< extern "C" fn( *mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint, ) -> c_uint, >, )615 pub fn SSL_CTX_set_psk_client_callback(
616 ssl: *mut SSL_CTX,
617 psk_client_cb: Option<
618 extern "C" fn(
619 *mut SSL,
620 *const c_char,
621 *mut c_char,
622 c_uint,
623 *mut c_uchar,
624 c_uint,
625 ) -> c_uint,
626 >,
627 );
SSL_CTX_set_psk_server_callback( ssl: *mut SSL_CTX, psk_server_cb: Option< extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint, >, )628 pub fn SSL_CTX_set_psk_server_callback(
629 ssl: *mut SSL_CTX,
630 psk_server_cb: Option<
631 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
632 >,
633 );
634 }
635
636 extern "C" {
637 #[cfg(ossl111)]
SSL_CTX_add_custom_ext( ctx: *mut ::SSL_CTX, ext_type: c_uint, context: c_uint, add_cb: SSL_custom_ext_add_cb_ex, free_cb: SSL_custom_ext_free_cb_ex, add_arg: *mut c_void, parse_cb: SSL_custom_ext_parse_cb_ex, parse_arg: *mut c_void, ) -> c_int638 pub fn SSL_CTX_add_custom_ext(
639 ctx: *mut ::SSL_CTX,
640 ext_type: c_uint,
641 context: c_uint,
642 add_cb: SSL_custom_ext_add_cb_ex,
643 free_cb: SSL_custom_ext_free_cb_ex,
644 add_arg: *mut c_void,
645 parse_cb: SSL_custom_ext_parse_cb_ex,
646 parse_arg: *mut c_void,
647 ) -> c_int;
648
649 #[cfg(ossl102)]
SSL_extension_supported(ext_type: c_uint) -> c_int650 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
651 }
652
653 #[cfg(ossl111)]
654 pub type SSL_CTX_keylog_cb_func =
655 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
656
657 extern "C" {
658 #[cfg(ossl111)]
SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func)659 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
660
661 #[cfg(ossl111)]
SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int662 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
663 #[cfg(ossl111)]
SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32664 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
665 #[cfg(ossl111)]
SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int666 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
667 #[cfg(ossl111)]
SSL_get_max_early_data(ctx: *const SSL) -> u32668 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
669
SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t670 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t671 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
672 }
673
674 pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER;
675 pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR;
676 pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME;
677 pub const SSL_ERROR_NONE: c_int = 0;
678 pub const SSL_ERROR_SSL: c_int = 1;
679 pub const SSL_ERROR_SYSCALL: c_int = 5;
680 pub const SSL_ERROR_WANT_ACCEPT: c_int = 8;
681 pub const SSL_ERROR_WANT_CONNECT: c_int = 7;
682 pub const SSL_ERROR_WANT_READ: c_int = 2;
683 pub const SSL_ERROR_WANT_WRITE: c_int = 3;
684 pub const SSL_ERROR_WANT_X509_LOOKUP: c_int = 4;
685 pub const SSL_ERROR_ZERO_RETURN: c_int = 6;
686 #[cfg(ossl111)]
687 pub const SSL_ERROR_WANT_CLIENT_HELLO_CB: c_int = 11;
688 pub const SSL_VERIFY_NONE: c_int = 0;
689 pub const SSL_VERIFY_PEER: c_int = 1;
690 pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2;
691 pub const SSL_CTRL_SET_TMP_DH: c_int = 3;
692 pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4;
693 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
694 pub const SSL_CTRL_GET_SESSION_REUSED: c_int = 8;
695 pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14;
696 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
697 pub const SSL_CTRL_OPTIONS: c_int = 32;
698 pub const SSL_CTRL_MODE: c_int = 33;
699 pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41;
700 pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42;
701 pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43;
702 pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44;
703 pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53;
704 pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54;
705 pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55;
706 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63;
707 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64;
708 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65;
709 pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70;
710 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71;
711 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
712 pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;
713 pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82;
714 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
715 pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;
716 #[cfg(ossl102)]
717 pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106;
718 #[cfg(ossl110)]
719 pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
720 #[cfg(ossl110)]
721 pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
722 #[cfg(ossl110g)]
723 pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130;
724 #[cfg(ossl110g)]
725 pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131;
726
SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long727 pub unsafe fn SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long {
728 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void)
729 }
730
SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long731 pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long {
732 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void)
733 }
734
SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long735 pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long {
736 SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void)
737 }
738
SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long739 pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long {
740 SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void)
741 }
742
SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long743 pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long {
744 SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void)
745 }
746
SSL_CTX_get_extra_chain_certs( ctx: *mut SSL_CTX, chain: *mut *mut stack_st_X509, ) -> c_long747 pub unsafe fn SSL_CTX_get_extra_chain_certs(
748 ctx: *mut SSL_CTX,
749 chain: *mut *mut stack_st_X509,
750 ) -> c_long {
751 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void)
752 }
753
754 #[cfg(ossl102)]
SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long755 pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long {
756 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void)
757 }
758
759 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int760 pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int {
761 SSL_CTX_ctrl(
762 ctx,
763 SSL_CTRL_SET_ECDH_AUTO,
764 onoff as c_long,
765 ptr::null_mut(),
766 ) as c_int
767 }
768
769 #[cfg(any(libress, all(ossl102, not(ossl110))))]
SSL_set_ecdh_auto(ssl: *mut ::SSL, onoff: c_int) -> c_int770 pub unsafe fn SSL_set_ecdh_auto(ssl: *mut ::SSL, onoff: c_int) -> c_int {
771 SSL_ctrl(
772 ssl,
773 SSL_CTRL_SET_ECDH_AUTO,
774 onoff as c_long,
775 ptr::null_mut(),
776 ) as c_int
777 }
778
779 cfg_if! {
780 if #[cfg(ossl110)] {
781 pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int {
782 SSL_CTX_ctrl(
783 ctx,
784 SSL_CTRL_SET_MIN_PROTO_VERSION,
785 version as c_long,
786 ptr::null_mut(),
787 ) as c_int
788 }
789
790 pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int {
791 SSL_CTX_ctrl(
792 ctx,
793 SSL_CTRL_SET_MAX_PROTO_VERSION,
794 version as c_long,
795 ptr::null_mut(),
796 ) as c_int
797 }
798 } else if #[cfg(libressl261)] {
799 extern "C" {
800 pub fn SSL_CTX_set_min_proto_version(ctx: *mut ::SSL_CTX, version: u16) -> c_int;
801 pub fn SSL_CTX_set_max_proto_version(ctx: *mut ::SSL_CTX, version: u16) -> c_int;
802 }
803 }
804 }
805
806 cfg_if! {
807 if #[cfg(ossl110g)] {
808 #[cfg(ossl110g)]
809 pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int {
810 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
811 }
812
813 #[cfg(ossl110g)]
814 pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int {
815 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
816 }
817 } else if #[cfg(libressl270)] {
818 extern "C" {
819 pub fn SSL_CTX_get_min_proto_version(ctx: *mut ::SSL_CTX) -> c_int;
820 pub fn SSL_CTX_get_max_proto_version(ctx: *mut ::SSL_CTX) -> c_int;
821 }
822 }
823 }
824
825 #[cfg(ossl110)]
SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int826 pub unsafe fn SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int {
827 SSL_ctrl(
828 s,
829 SSL_CTRL_SET_MIN_PROTO_VERSION,
830 version as c_long,
831 ptr::null_mut(),
832 ) as c_int
833 }
834
835 #[cfg(ossl110)]
SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int836 pub unsafe fn SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int {
837 SSL_ctrl(
838 s,
839 SSL_CTRL_SET_MAX_PROTO_VERSION,
840 version as c_long,
841 ptr::null_mut(),
842 ) as c_int
843 }
844
845 #[cfg(ossl110g)]
SSL_get_min_proto_version(s: *mut SSL) -> c_int846 pub unsafe fn SSL_get_min_proto_version(s: *mut SSL) -> c_int {
847 SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
848 }
849
850 #[cfg(ossl110g)]
SSL_get_max_proto_version(s: *mut SSL) -> c_int851 pub unsafe fn SSL_get_max_proto_version(s: *mut SSL) -> c_int {
852 SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
853 }
854
855 extern "C" {
SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int856 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX857 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
SSL_CTX_free(ctx: *mut SSL_CTX)858 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
859 #[cfg(any(ossl110, libressl273))]
SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int860 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE861 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
862
SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER863 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int864 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
865 }
866 cfg_if! {
867 if #[cfg(any(ossl110, libressl280))] {
868 extern "C" {
869 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
870 }
871 } else {
872 extern "C" {
873 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *mut c_char;
874 }
875 }
876 }
877 extern "C" {
878 #[cfg(ossl111)]
SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD879 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD;
SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char880 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
881 #[cfg(ossl111)]
SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char882 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
883 #[cfg(ossl111)]
OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char884 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
885
SSL_pending(ssl: *const SSL) -> c_int886 pub fn SSL_pending(ssl: *const SSL) -> c_int;
SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO)887 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
SSL_get_rbio(ssl: *const SSL) -> *mut BIO888 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
SSL_get_wbio(ssl: *const SSL) -> *mut BIO889 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
890 #[cfg(ossl111)]
SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int891 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
892 #[cfg(ossl111)]
SSL_set_ciphersuites(ssl: *mut ::SSL, str: *const c_char) -> c_int893 pub fn SSL_set_ciphersuites(ssl: *mut ::SSL, str: *const c_char) -> c_int;
SSL_set_verify( ssl: *mut SSL, mode: c_int, verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, )894 pub fn SSL_set_verify(
895 ssl: *mut SSL,
896 mode: c_int,
897 // FIXME should be unsafe
898 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
899 );
SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int900 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int901 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
902
SSL_CTX_use_PrivateKey_file( ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int, ) -> c_int903 pub fn SSL_CTX_use_PrivateKey_file(
904 ctx: *mut SSL_CTX,
905 key_file: *const c_char,
906 file_type: c_int,
907 ) -> c_int;
SSL_CTX_use_certificate_file( ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int, ) -> c_int908 pub fn SSL_CTX_use_certificate_file(
909 ctx: *mut SSL_CTX,
910 cert_file: *const c_char,
911 file_type: c_int,
912 ) -> c_int;
SSL_CTX_use_certificate_chain_file( ctx: *mut SSL_CTX, cert_chain_file: *const c_char, ) -> c_int913 pub fn SSL_CTX_use_certificate_chain_file(
914 ctx: *mut SSL_CTX,
915 cert_chain_file: *const c_char,
916 ) -> c_int;
SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME917 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
918
919 #[cfg(not(ossl110))]
SSL_load_error_strings()920 pub fn SSL_load_error_strings();
SSL_state_string(ssl: *const SSL) -> *const c_char921 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
SSL_state_string_long(ssl: *const SSL) -> *const c_char922 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
923
SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long924 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long925 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
926 #[cfg(ossl110)]
SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int927 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
928
929 #[cfg(ossl111)]
SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int930 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
931 #[cfg(ossl111)]
SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32932 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
933
SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar934 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
935 #[cfg(any(ossl110, libressl273))]
SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int936 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
SSL_SESSION_free(s: *mut SSL_SESSION)937 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
i2d_SSL_SESSION(s: *mut SSL_SESSION, pp: *mut *mut c_uchar) -> c_int938 pub fn i2d_SSL_SESSION(s: *mut SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int939 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int940 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int941 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
d2i_SSL_SESSION( a: *mut *mut SSL_SESSION, pp: *mut *const c_uchar, len: c_long, ) -> *mut SSL_SESSION942 pub fn d2i_SSL_SESSION(
943 a: *mut *mut SSL_SESSION,
944 pp: *mut *const c_uchar,
945 len: c_long,
946 ) -> *mut SSL_SESSION;
947
SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509948 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
949
SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509950 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
951
SSL_CTX_set_verify( ctx: *mut SSL_CTX, mode: c_int, verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, )952 pub fn SSL_CTX_set_verify(
953 ctx: *mut SSL_CTX,
954 mode: c_int,
955 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
956 );
SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int)957 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
958
SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int959 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
960
SSL_CTX_set_session_id_context( ssl: *mut SSL_CTX, sid_ctx: *const c_uchar, sid_ctx_len: c_uint, ) -> c_int961 pub fn SSL_CTX_set_session_id_context(
962 ssl: *mut SSL_CTX,
963 sid_ctx: *const c_uchar,
964 sid_ctx_len: c_uint,
965 ) -> c_int;
966
SSL_new(ctx: *mut SSL_CTX) -> *mut SSL967 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
968
969 #[cfg(any(ossl102, libressl261))]
SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM970 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
971 }
972
973 #[cfg(ossl111)]
974 pub const SSL_CLIENT_HELLO_SUCCESS: c_int = 1;
975 #[cfg(ossl111)]
976 pub const SSL_CLIENT_HELLO_ERROR: c_int = 0;
977 #[cfg(ossl111)]
978 pub const SSL_CLIENT_HELLO_RETRY: c_int = -1;
979
980 #[cfg(ossl111)]
981 pub type SSL_client_hello_cb_fn =
982 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
983 extern "C" {
984 #[cfg(ossl111)]
SSL_CTX_set_client_hello_cb( c: *mut SSL_CTX, cb: SSL_client_hello_cb_fn, arg: *mut c_void, )985 pub fn SSL_CTX_set_client_hello_cb(
986 c: *mut SSL_CTX,
987 cb: SSL_client_hello_cb_fn,
988 arg: *mut c_void,
989 );
990 #[cfg(ossl111)]
SSL_client_hello_isv2(s: *mut SSL) -> c_int991 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
992 #[cfg(ossl111)]
SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint993 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
994 #[cfg(ossl111)]
SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t995 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
996 #[cfg(ossl111)]
SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t997 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
998 #[cfg(ossl111)]
SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t999 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
1000 #[cfg(ossl111)]
SSL_client_hello_get0_compression_methods( s: *mut SSL, out: *mut *const c_uchar, ) -> size_t1001 pub fn SSL_client_hello_get0_compression_methods(
1002 s: *mut SSL,
1003 out: *mut *const c_uchar,
1004 ) -> size_t;
1005 #[cfg(ossl111)]
SSL_client_hello_get1_extensions_present( s: *mut SSL, out: *mut *mut c_int, outlen: *mut size_t, ) -> c_int1006 pub fn SSL_client_hello_get1_extensions_present(
1007 s: *mut SSL,
1008 out: *mut *mut c_int,
1009 outlen: *mut size_t,
1010 ) -> c_int;
1011 #[cfg(ossl111)]
SSL_client_hello_get0_ext( s: *mut SSL, type_: c_uint, out: *mut *const c_uchar, outlen: *mut size_t, ) -> c_int1012 pub fn SSL_client_hello_get0_ext(
1013 s: *mut SSL,
1014 type_: c_uint,
1015 out: *mut *const c_uchar,
1016 outlen: *mut size_t,
1017 ) -> c_int;
1018
SSL_free(ssl: *mut SSL)1019 pub fn SSL_free(ssl: *mut SSL);
SSL_accept(ssl: *mut SSL) -> c_int1020 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
1021 #[cfg(ossl111)]
SSL_stateless(s: *mut SSL) -> c_int1022 pub fn SSL_stateless(s: *mut SSL) -> c_int;
SSL_connect(ssl: *mut SSL) -> c_int1023 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int1024 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
1025 #[cfg(ossl111)]
SSL_read_early_data( s: *mut ::SSL, buf: *mut c_void, num: size_t, readbytes: *mut size_t, ) -> c_int1026 pub fn SSL_read_early_data(
1027 s: *mut ::SSL,
1028 buf: *mut c_void,
1029 num: size_t,
1030 readbytes: *mut size_t,
1031 ) -> c_int;
1032 }
1033
1034 #[cfg(ossl111)]
1035 pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0;
1036 #[cfg(ossl111)]
1037 pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1;
1038 #[cfg(ossl111)]
1039 pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2;
1040
1041 extern "C" {
SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int1042 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
1043 #[cfg(ossl111)]
SSL_write_early_data( s: *mut SSL, buf: *const c_void, num: size_t, written: *mut size_t, ) -> c_int1044 pub fn SSL_write_early_data(
1045 s: *mut SSL,
1046 buf: *const c_void,
1047 num: size_t,
1048 written: *mut size_t,
1049 ) -> c_int;
SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long1050 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long1051 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
SSL_CTX_callback_ctrl( ctx: *mut SSL_CTX, cmd: c_int, fp: Option<extern "C" fn()>, ) -> c_long1052 pub fn SSL_CTX_callback_ctrl(
1053 ctx: *mut SSL_CTX,
1054 cmd: c_int,
1055 fp: Option<extern "C" fn()>,
1056 ) -> c_long;
1057 }
1058
1059 cfg_if! {
1060 if #[cfg(any(ossl110, libressl291))] {
1061 extern "C" {
1062 pub fn TLS_method() -> *const SSL_METHOD;
1063
1064 pub fn DTLS_method() -> *const SSL_METHOD;
1065 }
1066 } else {
1067 extern "C" {
1068 #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))]
1069 pub fn SSLv3_method() -> *const SSL_METHOD;
1070
1071 pub fn SSLv23_method() -> *const SSL_METHOD;
1072
1073 pub fn TLSv1_method() -> *const SSL_METHOD;
1074
1075 pub fn TLSv1_1_method() -> *const SSL_METHOD;
1076
1077 pub fn TLSv1_2_method() -> *const SSL_METHOD;
1078
1079 pub fn DTLSv1_method() -> *const SSL_METHOD;
1080
1081 #[cfg(ossl102)]
1082 pub fn DTLSv1_2_method() -> *const SSL_METHOD;
1083 }
1084 }
1085 }
1086
1087 extern "C" {
SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int1088 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
SSL_get_version(ssl: *const SSL) -> *const c_char1089 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
1090
SSL_do_handshake(ssl: *mut SSL) -> c_int1091 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
SSL_shutdown(ssl: *mut SSL) -> c_int1092 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
1093
SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME)1094 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
1095
1096 #[cfg(not(libressl))]
SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int1097 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
1098
SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int1099 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
SSL_CTX_load_verify_locations( ctx: *mut SSL_CTX, CAfile: *const c_char, CApath: *const c_char, ) -> c_int1100 pub fn SSL_CTX_load_verify_locations(
1101 ctx: *mut SSL_CTX,
1102 CAfile: *const c_char,
1103 CApath: *const c_char,
1104 ) -> c_int;
1105 }
1106
1107 cfg_if! {
1108 if #[cfg(ossl111b)] {
1109 extern "C" {
1110 pub fn SSL_get_ssl_method(ssl: *const SSL) -> *const SSL_METHOD;
1111 }
1112 } else {
1113 extern "C" {
1114 pub fn SSL_get_ssl_method(ssl: *mut SSL) -> *const SSL_METHOD;
1115 }
1116 }
1117 }
1118
1119 extern "C" {
SSL_set_connect_state(s: *mut SSL)1120 pub fn SSL_set_connect_state(s: *mut SSL);
SSL_set_accept_state(s: *mut SSL)1121 pub fn SSL_set_accept_state(s: *mut SSL);
1122
1123 #[cfg(not(ossl110))]
SSL_library_init() -> c_int1124 pub fn SSL_library_init() -> c_int;
1125
SSL_CIPHER_description( cipher: *const SSL_CIPHER, buf: *mut c_char, size: c_int, ) -> *mut c_char1126 pub fn SSL_CIPHER_description(
1127 cipher: *const SSL_CIPHER,
1128 buf: *mut c_char,
1129 size: c_int,
1130 ) -> *mut c_char;
1131
SSL_get_certificate(ssl: *const SSL) -> *mut X5091132 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
1133 }
1134 cfg_if! {
1135 if #[cfg(any(ossl102, libressl280))] {
1136 extern "C" {
1137 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
1138 }
1139 } else {
1140 extern "C" {
1141 pub fn SSL_get_privatekey(ssl: *mut SSL) -> *mut EVP_PKEY;
1142 }
1143 }
1144 }
1145
1146 extern "C" {
1147 #[cfg(ossl102)]
SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X5091148 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
1149 #[cfg(ossl102)]
SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY1150 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
1151
SSL_set_shutdown(ss: *mut SSL, mode: c_int)1152 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
SSL_get_shutdown(ssl: *const SSL) -> c_int1153 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
SSL_version(ssl: *const SSL) -> c_int1154 pub fn SSL_version(ssl: *const SSL) -> c_int;
SSL_get_session(s: *const SSL) -> *mut SSL_SESSION1155 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX1156 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX1157 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
1158
SSL_get_verify_result(ssl: *const SSL) -> c_long1159 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
1160 #[cfg(ossl110)]
SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X5091161 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
1162
1163 #[cfg(ossl110)]
SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t1164 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
1165 #[cfg(ossl110)]
SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t1166 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
1167 #[cfg(any(ossl110, libressl273))]
SSL_SESSION_get_master_key( session: *const SSL_SESSION, out: *mut c_uchar, outlen: size_t, ) -> size_t1168 pub fn SSL_SESSION_get_master_key(
1169 session: *const SSL_SESSION,
1170 out: *mut c_uchar,
1171 outlen: size_t,
1172 ) -> size_t;
1173 }
1174
1175 cfg_if! {
1176 if #[cfg(ossl110)] {
1177 pub unsafe fn SSL_get_ex_new_index(
1178 l: c_long,
1179 p: *mut c_void,
1180 newf: Option<CRYPTO_EX_new>,
1181 dupf: Option<CRYPTO_EX_dup>,
1182 freef: Option<CRYPTO_EX_free>,
1183 ) -> c_int {
1184 CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
1185 }
1186 } else {
1187 extern "C" {
1188 pub fn SSL_get_ex_new_index(
1189 argl: c_long,
1190 argp: *mut c_void,
1191 new_func: Option<CRYPTO_EX_new>,
1192 dup_func: Option<CRYPTO_EX_dup>,
1193 free_func: Option<CRYPTO_EX_free>,
1194 ) -> c_int;
1195 }
1196 }
1197 }
1198 extern "C" {
SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int1199 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void1200 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
1201 }
1202 cfg_if! {
1203 if #[cfg(ossl110)] {
1204 pub unsafe fn SSL_CTX_get_ex_new_index(
1205 l: c_long,
1206 p: *mut c_void,
1207 newf: Option<CRYPTO_EX_new>,
1208 dupf: Option<CRYPTO_EX_dup>,
1209 freef: Option<CRYPTO_EX_free>,
1210 ) -> c_int {
1211 CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
1212 }
1213 } else {
1214 extern "C" {
1215 pub fn SSL_CTX_get_ex_new_index(
1216 argl: c_long,
1217 argp: *mut c_void,
1218 new_func: Option<::CRYPTO_EX_new>,
1219 dup_func: Option<::CRYPTO_EX_dup>,
1220 free_func: Option<::CRYPTO_EX_free>,
1221 ) -> c_int;
1222 }
1223 }
1224 }
1225 extern "C" {
SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int1226 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void1227 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
1228
SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int1229 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
1230 }
1231
SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long1232 pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long {
1233 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut())
1234 }
1235
SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long1236 pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long {
1237 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut())
1238 }
1239
SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long1240 pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long {
1241 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut())
1242 }
1243
SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long1244 pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long {
1245 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, ptr::null_mut())
1246 }
1247
1248 extern "C" {
1249 // FIXME should take an option
SSL_CTX_set_tmp_dh_callback( ctx: *mut SSL_CTX, dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, )1250 pub fn SSL_CTX_set_tmp_dh_callback(
1251 ctx: *mut SSL_CTX,
1252 dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
1253 );
1254 // FIXME should take an option
SSL_set_tmp_dh_callback( ctx: *mut SSL, dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, )1255 pub fn SSL_set_tmp_dh_callback(
1256 ctx: *mut SSL,
1257 dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
1258 );
1259 // FIXME should take an option
1260 #[cfg(not(ossl110))]
SSL_CTX_set_tmp_ecdh_callback( ctx: *mut ::SSL_CTX, ecdh: unsafe extern "C" fn( ssl: *mut ::SSL, is_export: c_int, keylength: c_int, ) -> *mut ::EC_KEY, )1261 pub fn SSL_CTX_set_tmp_ecdh_callback(
1262 ctx: *mut ::SSL_CTX,
1263 ecdh: unsafe extern "C" fn(
1264 ssl: *mut ::SSL,
1265 is_export: c_int,
1266 keylength: c_int,
1267 ) -> *mut ::EC_KEY,
1268 );
1269 // FIXME should take an option
1270 #[cfg(not(ossl110))]
SSL_set_tmp_ecdh_callback( ssl: *mut SSL, ecdh: unsafe extern "C" fn( ssl: *mut SSL, is_export: c_int, keylength: c_int, ) -> *mut EC_KEY, )1271 pub fn SSL_set_tmp_ecdh_callback(
1272 ssl: *mut SSL,
1273 ecdh: unsafe extern "C" fn(
1274 ssl: *mut SSL,
1275 is_export: c_int,
1276 keylength: c_int,
1277 ) -> *mut EC_KEY,
1278 );
1279 }
1280
1281 cfg_if! {
1282 if #[cfg(libressl)] {
1283 extern "C" {
1284 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void;
1285 }
1286 } else if #[cfg(osslconf = "OPENSSL_NO_COMP")] {
1287 } else if #[cfg(ossl111b)] {
1288 extern "C" {
1289 pub fn SSL_get_current_compression(ssl: *const SSL) -> *const COMP_METHOD;
1290 }
1291 } else {
1292 extern "C" {
1293 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD;
1294 }
1295 }
1296 }
1297 cfg_if! {
1298 if #[cfg(libressl)] {
1299 extern "C" {
1300 pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char;
1301 }
1302 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
1303 extern "C" {
1304 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
1305 }
1306 }
1307 }
1308
1309 extern "C" {
1310 #[cfg(ossl110)]
SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int1311 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
1312 #[cfg(ossl110)]
SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int1313 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
1314 }
1315
1316 cfg_if! {
1317 if #[cfg(ossl111c)] {
1318 extern "C" {
1319 pub fn SSL_session_reused(ssl: *const SSL) -> c_int;
1320 }
1321 } else if #[cfg(ossl110)] {
1322 extern "C" {
1323 pub fn SSL_session_reused(ssl: *mut SSL) -> c_int;
1324 }
1325 } else {
1326 pub unsafe fn SSL_session_reused(ssl: *mut SSL) -> c_int {
1327 SSL_ctrl(ssl, SSL_CTRL_GET_SESSION_REUSED, 0, ptr::null_mut()) as c_int
1328 }
1329 }
1330 }
1331 cfg_if! {
1332 if #[cfg(any(ossl110f, libressl273))] {
1333 extern "C" {
1334 pub fn SSL_is_server(s: *const SSL) -> c_int;
1335 }
1336 } else if #[cfg(ossl102)] {
1337 extern "C" {
1338 pub fn SSL_is_server(s: *mut SSL) -> c_int;
1339 }
1340 }
1341 }
1342
1343 #[cfg(ossl110)]
1344 pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000;
1345
1346 extern "C" {
1347 #[cfg(ossl110)]
OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int1348 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
1349 }
1350